Multiple vulnerabilities found in GPS trackers

A series of vulnerabilities being called “Trackmageddon” have been discovered in multiple GPS services that collect location data from devices like pet, car and kid trackers.

The flaws include easy-to-guess default passwords and exposed folders, which could allow hackers to access users’ GPS coordinates and phone numbers, among other data.

More than 100 tracking sites have been leaking user info, and at this time only six have patched the vulnerabilities.

If you use one of these services, experts recommend:

  1. Change your password. For many of these services, the default password is 123456. This password won’t protect you, even if your device is managed by a service that isn’t vulnerable.
  2. Stop using the affected device. Although some data is already public and can’t be taken back, stopping use of the device can protect information that hasn’t been exposed and can keep your live location from being tracked.
  3. Remove personalized data. If there’s a name or phone number associated with the device, change or remove it to keep some of your info concealed.


Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy